Privacy & Cookie Policy

Somerville Group Limited is committed to keeping your data confidential

We understand that your privacy and the security of personal information is extremely important. This notice sets out what we do with personal information, what we do to keep it secure, from where and how we collect it, as well as rights in relation to the personal information we hold about.

Personal information is, where appropriate, shared within Somerville Group Limited. We use a number of third parties to process personal information on our behalf however, we have processes in place to ensure they also maintain the security of the information.

You have a number of rights over your personal information. How you can exercise these rights is set out in this notice.

We do not send direct marketing.

We will limit the collection and processing of Sensitive Information (as defined under the General Data Protection Regulation (GDPR) as much as is practically possible.

Who are we?

When we say ‘we’ or ‘us’ in this policy, we’re referring to Somerville Group Limited.

Information that you provide to us such as your name, address, date of birth, telephone number, email address, and bank account details and any feedback you give to us, including by phone, email, post, or when you communicate with us via social media;

Information required to for certain areas of business such as your employment details, financial position, information taken from identification documents such as your passport or driving licence, your insurance, criminal and medical history.

Your login details for our systems, including your user name and chosen password;

Information about any device you have used to access our Services (such as your device’s make and model, browser or IP address) and also how you use our Services. If you use our websites, we try to identify when and how you use those websites too;

Your contact details and details of the emails and other electronic communications you receive from us, including whether that communication has been opened and if you have clicked on any links within that communication.

Information from other sources such as specialist companies that provide customer information (like credit reference agencies such as Experian, fraud prevention agencies, claims databases, marketing and research companies) and social media providers, as well as information that is publicly available.

Further information about the specific types of information that we collect and process are set out in the “How we use your information” section below.

Our legal basis for processing your personal information

Whenever we process your personal information we have to have something called a “legal basis” for what we do. The different legal basis we rely on include:

Consent: You have agreed to us processing your personal information for a specific purpose;

Legitimate interests: The processing is necessary for us to conduct our business, but not where our interests are overridden by your interests or rights.

Performance of a contract: We must process your personal information to meet the terms of your contract with us;

Prevention of fraud: Where we are required to process your data in order to protect us and our customers from fraud or money laundering;

Vital interests: The processing of your personal information is necessary to protect you or someone else’s life;

Legal claims: The processing of your personal information is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity; and

Legal obligation: We are required to process your personal information by law.

How do we use your information?

There are a number of ways in which we use your personal information, depending on why you are interacting with us.

If you are a an employee

When you apply to join us as an employee, we will collect certain information about you including your name, phone numbers, email address and bank details. The relevant teams will have access to all of this information. Some of this information will also be made available to other departments as needed, for example the finance team to process your payment information.

We process this data to ensure we comply with our contractual obligations we have with you.

If you are a supplier/provider

In order to work with our suppliers/providers, we will collect information such as the names, contact numbers and email addresses of relevant employees discuss your services, to manage our contractual obligations and billing arrangements. This information may be shared with colleagues within the company that are involved in our supply chain including finance team members, operations managers and service users.

If we have a legal obligation to do so

Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation.

How will you obtain my consent when required?

As outlined above, there may be instances where our basis for processing your personal data is that you have provided your consent. In these circumstances, we will explain to you in writing what personal data we need and why, whether we need to disclose your personal data to any third party who and why, how long we will store the personal data, your rights of access to the personal data, your options for consenting or refusing to consent or withdrawing consent, and the implications of consenting or refusing to consent or withdrawing consent. Please note that it is not a condition of engagement with us that you have to agree to any request for consent from us. We will only process your personal information without your knowledge or consent where this is required or permitted by law.

Recipients we share your data with

We may share your personal information with the following recipients:

Provider partners and service delivery companies that support us in the provision of goods and services to you

Agents and sub-contractors who help us provide services (we employ other companies and individuals to perform functions on our behalf. Examples include IT support service and performing legal and other professional services. Those companies and individuals have access to your data as needed to perform their functions, but they are not permitted to use it for other purposes)

Third party service providers (e.g. when we outsource some of the operations of our business to third party service providers. We restrict how such service providers may access, use and disclose your data)

Credit reference agencies

Legal and professional advisors, including auditors

Courts, to comply with legal requirements, and for the administration of justice

In an emergency to protect your vital interests

To protect security or integrity of our business operations

When we restructure our business or have a merger or re-organisation

Anyone else where we have your consent or as required by law

Transfer of personal data outside the European Union (EU)

We are committed to implementing technical and organisational measures that, by default meet the requirements of the data protection legislation and the appropriate level of security. We will not share your personal data with a third party organisation without a valid business reason, a contract or Data Sharing Agreement in place, or without your consent. We will not transfer your personal data to organisations outside the European Union (EU) unless that country or territory can ensure an adequate level of protection in relation to the processing of your personal data.

How long do we keep your data?

We retain your data primarily to meet statutory and regulatory obligations; secondly, your data is retained to enable us to pursue our legitimate business interests. Our retention schedules are available on request.

In some circumstances, we may anonymise your personal information so that it can no longer be associated with you; in such circumstances we may use such information without further notice to you.

Your rights

You have a number of rights under data protection legislation which, in certain circumstances, you may be able to exercise in relation to the personal information we process about you. These include:

The right to be informed

The right of access

The right to rectification

The right to erasure

The right to restrict processing

The right to data portability

The right to object

Where we rely on consent as the legal basis on which we process your personal information, you may also withdraw that consent at any time.

If you are seeking to exercise any of these rights, please contact us using the details in the “Contact Us” section below.

Requests, complaints or queries

We try to meet the highest standards when processing personal information. For this reason, we take any requests, complaints or queries we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate.

This privacy notice does not provide exhaustive detail of all aspects of our processing of personal information. However, we are happy to provide any additional information or explanation needed.

If you want to make a query, request, or a complaint about the way we have processed your personal information you can contact us directly:

By writing to us at our registered address (above)

By emailing us at enquiries@somerville.co.uk

By telephoning us on 01787 464400

Alternatively, you have the right to lodge a complaint with the regulator which oversees data protection law:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

SK9 5AF

Tel: 0303 123 1113

Changes to this privacy notice

We keep our privacy notice under regular review. Notifications of changes to this privacy notice will be via email. This privacy notice was last updated in May 2018.

Cookies

When you visit our site, we install a selection of Cookies on your computer, and as we believe you have a right to know, we’d like to make aware of this. The Cookies are simple text files, and don’t save any identifiable personal data about you on your computer. They are a way for us to recognise if you’ve visited our website before, which provides us with Analytics data from Google about our website traffic levels, and improve user experience.

Variety is the spice of life, which is why there is more than one type of Cookie and we thought we’d explain what this means for you, the user.

Strictly Necessary Cookies are installed automatically as you wouldn’t be able to use the internet without them. They can’t gather information that could be used for marketing purposes. They are used for navigational purposes, and store your preferences. For example, these Cookies are placed on your computer when you choose to reduce a drop down menu, and then navigate to a another page on the website. The drop down menu showing on the new page, will remain reduced.

Performance Cookies only collect information about how you’ve used our website, for our benefit. For example, this includes Analytics – where the data we collect enables us to better manage the overall performance and design of our site.

Should you choose to view a video on our site, you are consenting to the third-party Cookie policy from YouTube.

By continuing to view our site, you are consenting to us storing cookies within your browser for the reasons described.

Other Sites

For your convenience we have included links to other websites that we believe may be useful. These web sites will each have their own privacy policy. Please ensure that you have read and fully understand their privacy policy prior to using their site.